Ubuntu Security Notice 1588-1 - It was discovered that the apt-add-repository tool incorrectly validated PPA GPG keys when importing from a keyserver. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to install altered package repository GPG keys.
d4396190ccfa94588380a58d858289ecb7fc6d60d433cd55f43f525f2db9e5a0